redirect multiple local ports to corresponding remote IPs / ports?


Patrick Schleizer

Feb 6, 2017, 12:41:40 PM
to system...@lists.freedesktop.org, Whonix-devel, qubes...@googlegroups.com
systemd directive ListenStream and systemd-socket-proxyd are really useful.

Let's say I want to redirect...

ListenStream=80
ListenStream=81
etc.

ExecStart=/usr/lib/systemd/systemd-socket-proxyd

Is there during ExecStart some way to get the ListenStream port? I.e.

ExecStart=/usr/lib/systemd/systemd-socket-proxyd 10.152.152.10:${PORT}

I mean, if
- ListenStream=80 -> ExecStart=/usr/lib/systemd/systemd-socket-proxyd
10.152.152.10:80
- ListenStream=81 -> ExecStart=/usr/lib/systemd/systemd-socket-proxyd
10.152.152.10:81
etc.

Or can there be a wrapper that has access to the ListenStream port number?

If you are wondering what I am trying to do... I am trying to port
anon-ws-disable-stacked-tor from loads of mostly idle socat listeners to
systemd socket activation. Ideally, rather elegantly without one systemd
unit file per port redirection. [1] [2] [3] [4]

Best regards,
Patrick

[1]
https://github.com/Whonix/anon-ws-disable-stacked-tor/blob/master/etc/anon-ws-disable-stacked-tor.d/30_anon-dist.conf
[2]
https://github.com/Whonix/anon-ws-disable-stacked-tor/blob/master/lib/systemd/system/anon-ws-disable-stacked-tor.service
[3]
https://github.com/Whonix/anon-ws-disable-stacked-tor/blob/master/usr/lib/anon-ws-disable-stacked-tor/socat-unix-sockets
[4] https://github.com/Whonix/anon-ws-disable-stacked-tor

Lennart Poettering

Feb 6, 2017, 1:13:13 PM
to Patrick Schleizer, system...@lists.freedesktop.org, Whonix-devel, qubes...@googlegroups.com
On Mon, 06.02.17 17:41, Patrick Schleizer (patrick-ma...@whonix.org) wrote:

> systemd directive ListenStream and systemd-socket-proxyd are really useful.
>
> Let's say I want to redirect...
>
> ListenStream=80
> ListenStream=81
> etc.
>
> ExecStart=/usr/lib/systemd/systemd-socket-proxyd
>
> Is there during ExecStart some way to get the ListenStream port? I.e.
>
> ExecStart=/usr/lib/systemd/systemd-socket-proxyd 10.152.152.10:${PORT}
>
> I mean, if
> - ListenStream=80 -> ExecStart=/usr/lib/systemd/systemd-socket-proxyd
> 10.152.152.10:80
> - ListenStream=81 -> ExecStart=/usr/lib/systemd/systemd-socket-proxyd
> 10.152.152.10:81
> etc.
>
> Or can there be a wrapper that has access to the ListenStream port number?
>
> If you are wondering what I am trying to do... I am trying to port
> anon-ws-disable-stacked-tor from loads of mostly idle socat listeners to
> systemd socket activation. Ideally, rather elegantly without one systemd
> unit file per port redirection. [1] [2] [3] [4]

This is not supported. But if you send a PR that makes it possible to
derive the port nr for the destination from the port nr of the
listening socket, then that'd certainly be welcome and we'd merge it
after review.

Lennart

--
Lennart Poettering, Red Hat
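
The wrapper asked about in this thread can learn each listening port from the sockets systemd hands over, using the socket-activation environment variables and getsockname(). The sketch below is an added example, not code from the thread, systemd or Whonix; the function names are hypothetical, the remote address is the one from the question, and it only derives the destinations (forwarding is left out).

```python
import os
import socket

SD_LISTEN_FDS_START = 3  # first inherited fd in systemd's socket-activation protocol


def inherited_listen_fds(environ=os.environ, pid=None):
    """Return the fds systemd passed to this process (empty list if none)."""
    pid = os.getpid() if pid is None else pid
    # LISTEN_PID must name this process; otherwise the variables were
    # inherited from a parent and the fds are not ours to use.
    if environ.get("LISTEN_PID") != str(pid):
        return []
    count = int(environ.get("LISTEN_FDS", "0"))
    return list(range(SD_LISTEN_FDS_START, SD_LISTEN_FDS_START + count))


def destinations(fds, remote_host):
    """Map each listening fd to (remote_host, port of that listening socket)."""
    mapping = {}
    for fd in fds:
        # Work on a duplicate so closing the Python object leaves the
        # inherited fd open for whatever does the actual forwarding.
        with socket.socket(fileno=os.dup(fd)) as s:
            if s.family not in (socket.AF_INET, socket.AF_INET6):
                raise ValueError(f"fd {fd} is not an IP socket, no port to derive")
            mapping[fd] = (remote_host, s.getsockname()[1])
    return mapping


if __name__ == "__main__":
    # Remote address taken from the question's example (assumption for this sketch).
    found = destinations(inherited_listen_fds(), "10.152.152.10")
    for fd, (host, port) in found.items():
        print(f"fd {fd}: forward to {host}:{port}")
```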